Usually this is a long text, filled with grey legal clauses and technical jargon that nearly no one understands. Yet, here you are, curious about how we deal with such matters, and it’s our goal to make this as painstaking and informative as possible. After all, we want you to use our website and reassure you of all that’s happening, in a clear and straight-forward way. So, bare a few minutes with us, we promise to keep it as short as possible and as informative as we can. Let’s begin…
1) WHO WE ARE
Dome World is the main manufacturer and distributor in the Iberian Peninsula of the Buckminster Fuller geodesic concept, adapted to current regulations. Created in 2008, Dome World is an innovative, flexible, high-powered, customer-focused company that provides domes for small, medium and large events that require the most innovative technological means or provide powerful sensory experiences. It has offices in Lisbon and London, distribution throughout the Iberian Peninsula and operations throughout Western Europe. The address of our website is: https://www.domeworld.pt Our contacts are: Office Rua Pêro Escobar, 10 2750-188 Cascais Contact [email protected] + (351) 936 104 040
2) THE SCOPE OF THIS WEBSITE
The purpose of this website is to provide information about ourselves, our products, services and areas of interest to existing and future stakeholders of our company. The content of this site is provided for the purpose of providing information of a general nature and does not constitute the provision of services. We exclude alll liability for any damages that may occur related to the information contained on this site. This site is for informational purposes only and does not contain advertising content. Our company authorizes the temporary downloading and storage of the content of this site for the purpose of viewing it on a computer or mobile device with an internet connection. The reproduction, permanent storage or retransmission of the content of this site, including any of its texts or images, is expressly prohibited without prior written consent. All rights relating to this site are the exclusive property of our company.
3) WHAT IS PERSONAL DATA
The Eurpoean Union formally defines Personal data as any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the law. Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible. The European law protects personal data regardless of the technology used for processing that data – it’s technology neutral and applies to both automated and manual processing, provided the data is organised in accordance with pre-defined criteria (for example alphabetical order). It also doesn’t matter how the data is stored – in an IT system, through video surveillance, or on paper; in all cases, personal data is subject to the protection requirements set out in the GDPR. Examples of personal data
- a name and surname;
- a home address;
- an email address such as [email protected];
- an identification card number;location data (for example the location data function on a mobile phone); an Internet Protocol (IP) address;
- a cookie ID;
- the advertising identifier of your phone;
- data held by a hospital or doctor, which could be a symbol that uniquely identifies a person.
Examples of data not considered personal data
- a company registration number;
- an email address such as [email protected];
- anonymised data.
4) WHAT PERSONAL DATA WE COLLECT AND WHY WE COLLECT IT
Our website allows you to manually insert personal data – in contact, comment or login forms – and, like most modern websites, also automatically collects some data related to the device you are using to access or it’s location. This data is primarily technical data and is collected automatically as soon as you enter our website.
COOKIES: HOW AUTOMATED DATA IS COLLECTED
COMMENT AND LOGIN COOKIES
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
SESSION, LANGUAGE AND GDPR OPT-IN COOKIES
When you access this website, a “session cookie” is set in your computer. The session cookie is used to optimize te site usage for you, providing, for example “go back” navigation features. The session cookie is automatically deleted once you close your browser. When you access this site, a “language cookie” is set, so that it can relate content in different languages and assist you in using multi-language content. The language cookie ha a duration of one day. Whe you acces this website, you are prompted to accept or customize the cookies via our data privacy banner. This creates a cookie called CookieConsent that is placed in your computer, so that this website knows and respects your preferences, and has a duration of 60 days.
SERVER LOG FILES
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are: • Browser type and browser version • Operating system used • Referrer URL • Host name of the accessing computer • Time of the server request • IP address These data will not be combined with data from other sources. The basis for data processing is Art. 6 GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
When you fill a contact form your personal data is collected and sent securely via our email server to the destination email in our company. The collected personal data is kept to a minimum necessary to establish contact. The form content, including the opt-in, is also stored in the website database as per GDPR regulation.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
When you access our website our firewall analyses your IP address and browser information. The firewall also monitors your navigation pattern inside our site. This happens for security reasons, to prevent unauthorized access to our systems and botnet threats. the good news is that, if you are reading this text, that means the firewall has considered you as legitimte visitor to our website.
EMBEDDED CONTENT FROM OTHER WEBSITES
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties. We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your request may still be legally processed. The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
5) WHO WE SHARE YOUR DATA WITH
We use third-party services (data processors) in our website. The extent to which your data is shared with these providers depends on your use of our services, and we list the specific third-parties in use (with links to their privacy policies) in the sections below. Each third-party provider has been vetted by our security team to ensure that privacy policies and practices meet or exceed the same levels of compliance and standards that we follow. Where appropriate and available, we hold additional signed Data Privacy Agreements with these companies as an additional layer of accountability in order to help ensure your data is safe and secure. We disclose potentially personally-identifying and personally-identifying information only to our employees, contractors and affiliated organizations that (i) need to know that information in order to process it on our behalf or to provide services, and (ii) that have agreed, in writing, not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using our website and services, you consent to the transfer of such information to them. We will not rent or sell potentially personally-identifying and personally-identifying information to anyone. We may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. If we ever were to engage in any onward transfers of your data with third parties for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-out choice to limit the use and disclosure of your personal data.
AUTOMATED DATA PROCESSORS
Most modern websites use external services to provide specific functionallity. They are called Automated Data Processors. These services range from visitors analysis, video hosting – like Youtube, or social media access, like Facebook. These third party services collect personal data to be able to provide functionality. Our website also uses some of these services, you can find tehm below.
GOOGLE ANALYTICS REMARKETING
GOOGLE ADWORDS AND GOOGLE CONVERSION TRACKING
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 GDPR. Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.youtube.com/intl/en-GB/yt/about/policies/#community-guidelines
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By default, when displaying a map, this website presents only the map placeholder image, and Google Maps is not activated until the visitor requests the actual map, by clicking it. To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 GDPR. Further information about handling user data, can be found in the data protection declaration of Google at https://policies.google.com/privacy .
FACEBOOK PAGES PLUGIN
SOCIAL SHARING BUTTONS
This site uses offline social sharing butons. This means that when navigating in the site, no personal data is transmitted to the respective social network providers. Only when a visitor clicks a sharing button he is taken to a sharing page, on that specific social netowrk, where he is asked to login or, if already logged-in, he can share the post in his social network account.
JETPACK BY AUTOMATTIC
This site uses Jetpack, a service provided via API by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110-4929, USA. The Jetpack plugin provides several specific functionalities,out of which the following are active and being used in this website:
Jetpack Protect is a service to protect websites against traditional brute force attacks and distributed brute force attacks that use many servers against our site. Jetpack’s botnet security features work automatically by blocking malicious login attempts. Data Used In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user. Activity Tracked Failed login attempts. Jetpack sets a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Data Synced to Jetpack’s servers Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.
AKISMET BY AUTOMATTIC
CONTABO GMBH DATA CENTER
Contabo GmbH is the company responsible for the data center where this site is hosted. The company follows the requirements of GDPR and DSGVO, is certified for quality, environment and information security management systems. Details of the company can be found here: https://contabo.com/?show=company_details The datacenter privacy and certifications policy can be found here: https://contabo.com/data_privacy.html
6) HOW LONG WE RETAIN YOUR DATA
7) WHAT RIGHTS YOU HAVE OVER YOUR DATA
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given below if you have further questions on the topic of personal data. If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. Typically for visitors that have left comments, the data will be their email address, any IP addresses assigned to them at the time of leaving the comments and the user agent strings of the browsers they used. The rest of the data is public as published by the visitors. You can also request “to be forgotten”, that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. There are two ways for you to exercise your rights on personal data. If you whish to access, correct, amend, or delete inaccurate data, you can direct your request to [email protected] We will respond within a reasonable timeframe, not to exceed one week. Or, you can use the “self-service” tools available in this site, by using the form below.
PERSONAL DATA REQUEST
If you want to Delete (“Be Forgotten”) or Export your personall data in this site, please use the form below. You will receive an email and, after validation, the site administrator will comply with your request.
8) WHERE WE SEND YOUR DATA
9) HOW WE PROTECT YOUR DATA
The security and reliability of our service is our number one priority. We invest heavily in the training of our staff and our infrastructure to ensure that best practices are followed in everything that we do.
WORDPRESS CORE SECURITY
We use WordPress as the Content Management system for this website. WordPress is an open-source solid and secure content management system, the most widely used in the world and supported by thousands of volunteers. WordPress also has a dedicated WordPress Security Team, made up of approximately 50 experts including lead developers and security researchers. See wordpress.org/about/security for details on the security of the WordPress core itself. Prevention is best when it comes to security, and as a first step, we follow all WordPress Code Standards in the plugins that we use. In addition, we have an internal review process in place specifically to prevent potential security vulnerabilities in our plugins and services.
ACCESS TO DATA
All staff that has access to the content management system (including any contractors) undergo initial training to ensure proper understanding of all security-related processes. Staff review and agree, in writing, to all policies and procedures annually. We only use third-party services that are fully vetted and adhere to the highest levels of privacy and security practices and comply with GDPR or the EU-US Privacy Shield.
This site is hosted in Munich, Germany in a specialized and eco-friendly datacenter. This datacenter follows the requirements of GDPR and DSGVO, is certified for quality, environment and information security management systems. More details about the datacenter, as well as awards and distinctions, can be found here https://contabo.com/?show=awards and here https://contabo.com/?show=data_centers The datacenter privacy and certifications policy can be found here: https://contabo.com/data_privacy.html
SSL OR TLS ENCRYPTION
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
FIREWALL AND JETPACK PROTECT
By protecting our site against hackers, both services ack as an additional layer of protection to prevent an outside party to access your personal data.
10) WHAT DATA BREACH PROCEDURES WE HAVE IN PLACE
Should any event occur where customer data has been lost, stolen, or potentially compromised, our policy is to alert our customers via email no later than 48 hours of our team becoming aware of the event. We will also report such incident to any required data protection authority. We will work closely with any customers affected to determine next steps such as any end-user notifications, needed patches, and how to avoid any similar event in the future.
11) WHAT THIRD PARTIES WE RECEIVE DATA FROM
Visitor comments may be checked through Akismet, an automated spam detection service. The Privacy and EU-US Privacy Shield of Akismet can be found above. Blacklisted IP’s are periodically downloaded to our firewall, via a GDPR compliant service. The compliance documentation can be found here: https://www.wordfence.com/help/general-data-protection-regulation/
12) WHAT AUTOMATED DECISION MAKING AND/OR PROFILING WE DO WITH USER DATA
We do not engage in any kind of automated decision making and/or profiling with website user data
13) ACCEPTANCE OF THESE TERMS
14) ALTERNATIVE RESOLUTION ON CONSUMER DISPUTES (RAL)
According to Law no. 144/2015, of September 8. In the event of a dispute, the consumer may use an Alternative Dispute Resolution Body for the Municipality in which the entity providing the service is located. The complete and updated list of these entities, as well as their contacts and additional information, is available at the Consumer Portal at www.consumidor.pt
May 24, 2018 – Updated language of the policy to be more user-friendly, specifically outlining requirements for meeting the GDPR.